Sign in
  • Home
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Support
Request phishing analysis
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Get started for free
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Only 22 of the top 100 retailers are protected by DMARC
  • Blog
    DMARC authentication gets you the deliverability you deserve
  • Blog
    How vulnerable are U.S. election operations to email spoofing?
Valimail blog

New Black Hat Research Names Phishing #1 Concern

Author: Valimail

In the just-released 2016 Black Hat Attendee Survey, phishing far-and-away topped the list for the type of attack that scares security professionals today. This survey of 250 Black Hat attendees took place at last week’s Black Hat conference in Las Vegas.

Asked which threat or challenges are of greatest concern to them, 46% of attendees chose “Phishing, social network exploits, or other forms of social engineering,” making it the top answer. Second on the list was “Sophisticated attacks targeted directly at the organization” at 43%. It happens that the majority of those sophisticated attacks depend on spear phishing as a part of the attack lifecycle, typically as the entry point. Considering that the third item on the list sits at a mere 20% and they go down from there, it clear that phishing is a major concern to the large enterprise security specialists that attend Black Hat.

Threats-Concern-You.pngSenior execs aren’t all that different, with sophisticated attacks in the top spot (33%), followed by industry and regulatory compliance (28%), and then phishing and other social engineering attacks (24%).

Threats-Concern-Management.pngThey expect this problem to continue as well. Asked to predict their main sources of concern in two years, not surprisingly Internet of Things jumped to the top at 28%. But next came espionage or surveillance from foreign governments or competitors and sophisticated, targeted attacks, both at 24%, followed by phishing at 20%. Since attacks from foreign governments are simply another form of sophisticated, advanced attack, phishing plays its expected role in these attacks as well. That means three of the top four anticipated threats are dependent on phishing.

Greatest-Concern-in-Two-Years.png

If we ask ourselves why phishing is such a problem for IT, we may find the answer in figure 5.

Weakest-Link-Todays-IT.png

Survey respondents describe the weakest link in security as end users who violate security policy or are fooled by social engineering. I have discussed earlier on this blog how (and why) training employees not to fall for spear phishing attacks does not work in the absence of additional help for the end users. The responses to this question support the same conclusion.

Back to blog
Published August 8, 2016
  • Cybersecurity
  • Phishing
Author: Valimail
Valimail is the global leader in zero-trust email security. The company’s full line of cloud-native solutions authenticate sender identity to stop phishing, protect brands, and ensure compliance; they are used by organizations ranging from neighborhood shops to some of the world's largest organizations, including Uber, Splunk, Yelp, Fannie Mae, Mercedes Benz USA, and the U.S. Federal Aviation Administration. Valimail is the fastest growing DMARC solution, with the most domains at DMARC enforcement, and is the premier DMARC partner for Microsoft 365 environments. For more information visit www.valimail.com.
Resources
Top retailers remain vulnerable to email brand spoofing
Learn more
Email security with Microsoft and Valimail
Learn more
Election email security
Learn more
Email fraud landscape, Summer 2020
Learn more
Preparing for BIMI: A Marketer’s Guide
Learn more
Latest news
Trump’s refusal to concede the election is creating an opening for cy...
Learn more
2020 General Election Results to Directly Impact Tech Industry
Learn more
Why Email Is Still an Election Day Disinformation Risk
Learn more
US elections are still vulnerable to email spoofing
Learn more
Security Gaps Persist, Report Warns, After U.S. Blames Iran In Election Sch...
Learn more
Press releases
Valimail Triples Customer Base, Becomes Top Global DMARC Provider in 2020
Learn more
Valimail: 2020 election infrastructure still vulnerable to email hackers
Learn more
Valimail Announces Selection by ASG for Anti-Phishing and BEC Protection
Learn more
Valimail DMARC Monitor and Valimail Enforce Now Available in the Microsoft ...
Learn more
Valimail Research Finds More Than 1 Million Domains Using Crucial Email Aut...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

1550 Larimer Street
Suite 271
Denver, CO 80202

Request a full phishing analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Website terms of use
  • Do not sell my personal information
  • Phishing Analysis
  • Domain Checker
  • Products
  • Enforce
  • DMARC Monitor
  • Instant SPF
  • Amplify
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Government
  • Marketing
  • Microsoft
  • Shadow IT
  • About
  • News + awards
  • Partners
  • Team
  • Careers
  • Industry leadership
  • Customer support
  • Learn
  • Resources
  • Blog
  • Customers
Subscribe to our newsletter

Get exclusive content on improving email security and deliverability from the experts at Valimail.

  • *
    I understand that I may proactively manage my preferences, or opt-out of Valimail communications at any time using the unsubscribe link provided in Valimail email communication. I confirm that I am over the age of 16. The information that you provide will be used in accordance with the terms of our Privacy Policy.
  • This field is for validation purposes and should be left unchanged.